Engineering-L2-Bengaluru-Associate-Security Engineering

Goldman Sachs Technology Risk leads threat and risk management initiatives that help to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats, and protect against unauthorized disclosure of confidential client, employee and supply chain information.

You will join a progressive Technology Risk team which continues to push the development of security controls within engineering functions and across the business. You will interact with all parts of the firm, giving you experience and knowledge to facilitate future career growth within the firm.

We are looking for a self-motivated candidate with a strong technical background and data security or data risk management experience to join a team that drives the data protection strategy and adoption of technical controls across the firm’s applications and platforms.

RESPONSIBILITIES AND QUALIFICATIONS

• Plan, execute and support data protection and data risk management initiatives
• Drive adoption of data protection controls across applications and platforms and 
• Develop scalable processes to ensure data protection controls are operating effectively
• Provide advice and guidance to engineering teams on applying relevant security policies and standards; and how to adopt security controls defined in the firm’s Technology Risk and Control Framework
• Participate in global, regional and local Technology Risk initiatives aimed at improving our baseline on data protection, resiliency and controls of technology processes and services
• Provide clear and concise verbal and written recommendations and guidance to business and technology staff on matters of data protection or data risk management

SKILLS AND EXPERIENCE WE ARE LOOKING FOR

• Bachelor’s degree in Information/Cyber Security, Computer Science or Software Engineering
• 3 years of experience in a security or risk management function
• Strong background of data protection or data risk management concepts and practices
• Technical knowledge in technology architecture and infrastructure.
• Robust and hands-on data analysis experience with tools like Excel, PowerBI or Alteryx
• Proven analytical thinking abilities
• Excellent oral, written, and presentation communication skills
• Ability to document and explain technical details in a concise and understandable manner
• Good team player along with the ability to work independently

PREFERRED QUALIFICATIONS

• Relevant industry certifications
• Experience with risk analysis and risk management frameworks and methodologies (ISO 27001, NIST etc)
• Understanding of relational database technologies (e.g. SQL)
• Knowledge of networking technologies, operating systems and software development lifecycle (SDLC).
• An understanding of the regulatory environment related to technology control requirements, including global data protection regulations.